Commit Graph

4223 Commits

Author SHA1 Message Date
Régis Hanol 747f4812e4 fix custom emoji support when using subfolder 2017-03-24 02:09:39 +01:00
Régis Hanol 9f65658c5c register_emoji should work with subfolder installs 2017-03-24 01:08:12 +01:00
Arpit Jalan 9f930125f5 FIX: replace site_name in email subject with site title 2017-03-22 23:38:46 +05:30
Arpit Jalan 786fd6bbd2 Merge pull request #4774 from techAPJ/email-prefix
FIX: use email prefix only in subject
2017-03-22 14:18:50 +05:30
Matt Palmer da7a44064b Fix purge_tombstone for the brave new world of secure command execution 2017-03-22 10:27:07 +11:00
Arpit Jalan 1853a4852c FIX: use email prefix only in subject 2017-03-21 20:29:57 +05:30
Sam c106ca6778 FEATURE: fallback asset path for multi host setups 2017-03-20 15:59:17 -04:00
Sam bc96f0fe78 rescue failure to backup assets 2017-03-20 13:43:59 -04:00
Sam e14a63cc88 FEATURE: add support for backup asset path post precompile 2017-03-20 13:05:39 -04:00
Neil Lalonde 482578ba26 Version bump to v1.8.0.beta8 2017-03-20 12:05:03 -04:00
Arpit Jalan 521c88fe58 FIX: enqueue activation email for invited user that has password set 2017-03-20 17:13:21 +05:30
Guo Xiang Tan a1d04a7a9a Fix rspec tests. 2017-03-20 12:35:08 +08:00
Guo Xiang Tan 11dbadb96f Fix tests. 2017-03-20 11:19:20 +08:00
David Taylor 89d41ecb39 Add support for oneboxing twitter videos 2017-03-17 20:49:29 +00:00
David Taylor ea45cc1293 Request full tweets, since twitter has increased the allowed length 2017-03-17 20:36:53 +00:00
Guo Xiang Tan e7c972ac89 FIX: Don't use backticks that take in inputs. 2017-03-17 15:33:51 +08:00
Guo Xiang Tan b49bf889f6 SECURITY: Disallow symlinks when restoring uploads. 2017-03-17 14:27:01 +08:00
Guo Xiang Tan 1a7e954e09 FIX: Store custom emojis as uploads.
* Depending on a hardcoded directory was a flawed design
  which made it impossible to debug when custom emojis go
  missing.
2017-03-14 13:07:18 +08:00
Sam 82ca0e368e FEATURE: stop escaping special chars in title prettify
This feature is confusting and just leads to inconsistency
2017-03-13 10:02:20 -04:00
Sam 6ebddc42d1 FIX: include children categories when searching a category 2017-03-10 15:58:47 -05:00
Sam 16593ae8bf FEATURE: log reason staff auto blocks a user 2017-03-10 15:45:48 -05:00
Sam 20ed11f9a5 We must GC here otherwise we risk not freeing our v8 contexts 2017-03-10 11:36:10 -05:00
Sam b68d08404d shell to node to avoid high memory usage 2017-03-09 17:05:55 -05:00
Sam ab3faeb0f9 PERF: user mini racer to uglify assets 2017-03-09 16:44:50 -05:00
Guo Xiang Tan 9cc79363e0 Merge pull request #4744 from tgxworld/feature_seen_unseen_search
FEATURE: Search can be scoped to posts that the current user has seen…
2017-03-09 07:11:19 +08:00
Régis Hanol 00380d84c5 UX: display text & html parts alongside raw email in incoming email modal 2017-03-08 23:15:42 +01:00
Neil Lalonde a97fe5da13 Version bump to v1.8.0.beta7 2017-03-08 12:22:23 -05:00
Guo Xiang Tan c623951306 FEATURE: Search can be scoped to posts that the current user has seen/unseen.
https://meta.discourse.org/t/advanced-search-posts-that-i-have-seen/57966
2017-03-09 01:01:33 +08:00
Arpit Jalan cafe3dafcb UX: show expand button on internal topic onebox 2017-03-08 21:02:38 +05:30
Sam 9e9b497d20 Merge pull request #4742 from davidtaylorhq/patch-1
FIX: latest-version tag is shown by git-describe
2017-03-08 08:51:50 -05:00
Guo Xiang Tan 10ec554d97 Ensure we escape variables passed into our SQL query. 2017-03-08 20:37:59 +08:00
David Taylor 6fd34cede6 FIX: latest-version tag is shown by git-describe
Adds the -match "v[0-9]*" parameter to git describe, this means that only version tags will be used.
2017-03-08 11:05:11 +00:00
Régis Hanol ee9d621d9c FIX: surround the FROM alias with " in order to support the @ character 2017-03-07 23:37:21 +01:00
Sam 8d80a5d97e add some explicit scoping to help avoid erratic failure in test 2017-03-07 16:00:51 -05:00
Sam 99f4d5082b FIX: Improve token rotation and increase logging
- avoid access denied on bad cookie, instead just nuke it
- avoid marking a token unseen for first minute post rotation
- log path in user auth token logs
2017-03-07 13:27:43 -05:00
Robin Ward dad57fa033 FIX: More errors with non-ascii URLs 2017-03-07 11:21:41 -05:00
Guo Xiang Tan 5d9daa299a Only run plugin tests if plugins are loaded. 2017-03-07 16:36:49 +08:00
Guo Xiang Tan a28704bcee FIX: Can't recover a post when its user has been deleted.
https://meta.discourse.org/t/moving-posts-to-new-topic/58436
2017-03-06 14:29:06 +08:00
Sam c99f4260c0 Merge pull request #4729 from tgxworld/dont_mark_user_as_valid
FIX: Don't mark user as `active` if verified email is different.
2017-03-03 15:57:30 -05:00
Guo Xiang Tan bcf634ca85 Merge pull request #4728 from nbianca/username-regex
Add support for username regex.
2017-03-03 22:59:23 +08:00
Sam abc4dff0fe FEATURE: add bumped_before query param for topic list 2017-03-02 15:11:50 -05:00
Sam 4dac4c69a6 FEATURE: add `before` topic list filter 2017-03-02 14:54:33 -05:00
Sam 872d9eae45 FEATURE: add :all filter for messages 2017-03-02 14:54:33 -05:00
Bianca Nenciu 30909ec54e Add support for username regex. 2017-03-02 13:53:45 +02:00
Guo Xiang Tan fc0f363973 Run plugin specs as well. 2017-03-02 17:28:35 +08:00
Guo Xiang Tan 3d347fb9c4 FIX: Don't mark user as `active` if verified email is different. 2017-03-02 14:24:30 +08:00
Blake Erickson 80858bae2c FEATURE: further restrict downloading of backups
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
2017-03-01 08:28:34 -07:00
Robin Ward d27575176a Enforce a minimum amount of posters in a topic for `get_a_room` 2017-02-28 16:47:16 -05:00
Sam 122fb8025d FIX: last seen date erroneously updated when browser in background
In some cases user may be "last seen" even though browser tab is in
the background or computer is locked
2017-02-28 12:35:10 -05:00
Neil Lalonde 352f98d084 use named param in tag_topic_by_names 2017-02-28 12:08:06 -05:00
Neil Lalonde 292dd8623c Merge pull request #4622 from dmacjam/master
FEATURE: Append tags bulk action for topics
2017-02-28 11:36:58 -05:00
Sam 49a0f16ce4 Merge pull request #4723 from mcwumbly/fix-import-scripts
FIX: Import scripts were failing to load onebox sanitize config
2017-02-27 16:18:29 -05:00
Sam 1e980ad4e6 Merge pull request #4721 from oblakeerickson/sort_admin_users_api
FEATURE: Add order logic to admin users controller
2017-02-27 16:13:42 -05:00
Neil Lalonde e634b37f9a FIX: from field of emails should be including email_site_title or site title settings 2017-02-27 14:23:07 -05:00
Blake Erickson 0e6cb752da Clean up valid order names
Add a sortable mappings list to match other endpoints and so that you
don't have to use database column names.

Example: 'created' => 'created_at'

Also cleaned up some of the logic since a lot of it got moved into the
SORTABLE_MAPPING hash.
2017-02-25 11:51:40 -07:00
David McClure b188c30925 FIX: Import scripts were failing to load onebox sanitize config 2017-02-25 09:27:42 -08:00
Blake Erickson e9d5c3265c Change param asc to ascending
For consistency, change param asc to ascending:

https://meta.discourse.org/t/make-admin-users-list-sortable-suggestion/47649/17?u=oblakeerickson
2017-02-25 09:13:31 -07:00
Blake Erickson 0a41da6bad FEATURE: Add order logic to admin users controller
Added order and direction parameters for sorting admin user pages. This
commit only includes backend api changes.

https://meta.discourse.org/t/make-admin-users-list-sortable-suggestion/47649

Now you can pass in `order` and `asc` parameters to the
`/admin/users/list/<query>.json` endpoint.

Example:

`/admin/users/list/active.json?&order=post_count` which defaults to desc

and

`/admin/users/list/active.json?order=post_count&asc=true`
2017-02-24 17:11:17 -07:00
Régis Hanol ecdae9f863 FIX: i18n integrity specs
FIX: check all .yml files in the project for integrity
FIX: ensure localized yamls are compatible with english
2017-02-24 11:35:33 +01:00
Régis Hanol a2c04be718 FIX: eradicate I18n fallback issues 💣
FIX: client's translation overrides were not working when the current locale was missing a key
FIX: ExtraLocalesController.show was not properly handling multiple translations
FIX: JsLocaleHelper#output_locale was not properly handling multiple translations

FIX: ExtraLocalesController.show's spec which was randomly failing
FIX: JsLocaleHelper#output_locale was muting cached translations hashes

REFACTOR: move 'enableVerboseLocalization' to the 'localization' initializer
REFACTOR: remove unused I18n.js methods (getFallbacks, localize, parseDate, toTime, strftime, toCurrency, toPercentage)
REFACTOR: remove all I18n.pluralizationRules and instead use MessageFormat's pluralization rules

TEST: add tests for localization initializer
TEST: add tests for I18n.js
2017-02-24 11:31:21 +01:00
Rimian Perkins db9840b672 fix malformed qunit url
this removes the space between the query string and the URL

```
$MODULE='Acceptance: Search' rake qunit:test\[20000\]
....
Running: {"module":"Acceptance: Search"}
... http://localhost:60099/qunit?module=Acceptance%3A%20Search 20000
```

The timeout value seems to work fine.
2017-02-24 10:19:34 +11:00
Rafael dos Santos Silva f68540b022 Increase QUnit timeouts to allow on slower envs 2017-02-23 19:21:06 -03:00
Sam ea1007e954 FEATURE: add support for same site cookies
Defaults to Lax, can be disabled or set to Strict.

Strict will only work if you require login and use SSO. Otherwise when clicking on links to your site you will appear logged out till you refresh the page.
2017-02-23 12:01:28 -05:00
Sam ad435da377 fix typo 2017-02-23 10:58:53 -05:00
Sam Saffron b7d2edc7dc FIX: allow some auth token misses prior to clearing cookie
It appears that in some cases ios queues up requests up front
and "releases" them when tab gets focus, this allows for a certain
number of cookie misses for this case. Otherwise you get logged off.
2017-02-22 12:37:11 -05:00
Arpit Jalan 213a496203 FIX: show all staff events related to the target user 2017-02-22 13:31:40 +05:30
Arpit Jalan b32f33b3f0 FIX: allow staff members to send PMs when enable_private_messages is disabled 2017-02-22 11:32:09 +05:30
Arpit Jalan 046cbad10b FEATURE: add a button on admin user page that links to action log 2017-02-21 21:38:37 +05:30
Neil Lalonde 476ae57af3 FEATURE: primary group class on avatars in topic list 2017-02-20 15:55:10 -05:00
Jakub Macina 4a2f13348a ADD: Append tags bulk action for topics 2017-02-20 18:14:32 +01:00
Régis Hanol 3ce3abef8f FIX: add Content-Disposition and Content-Type headers when downloading attachments 2017-02-20 15:59:01 +01:00
Guo Xiang Tan 9baf89a901 Remove database vacuum task from Discourse. 2017-02-20 09:02:38 +08:00
Robin Ward cfc0cc936f FIX: Get a room wasn't enforcing sequential properly 2017-02-19 16:00:28 -05:00
Sam 1935f624b8 FEATURE: reset active record cache in sidekiq if needed
This can happen in multisite environments after restores
2017-02-17 12:09:53 -05:00
Sam 7a85469c4c SECURITY: inactive/suspended accounts should be banned from api
Also fixes edge cases around users presenting multiple credentials
2017-02-17 11:03:09 -05:00
Sam Saffron 040e10a627 reduce duplication 2017-02-15 17:27:10 -05:00
Sam 74d4209d24 FEATURE: allow plugins to register custom topic list filters 2017-02-15 15:25:43 -05:00
Neil Lalonde c085e8f85f Version bump to v1.8.0.beta6 2017-02-14 17:40:44 -05:00
Rafael dos Santos Silva 6a271a7695 Increase Qunit tests timeout on Docker tests 2017-02-14 16:09:14 -02:00
Sam dacfdd4dc8 use chars as opposed to split 2017-02-14 09:40:15 -05:00
Sam 8feb94e13f FIX: password validator was being too strict 2017-02-14 09:18:04 -05:00
Régis Hanol d88562e72b Revert "use RFC-complient signature separator dash-dash-space" 2017-02-14 14:58:08 +01:00
Neil Lalonde 53d8d126a4 Version bump to v1.8.0.beta5 2017-02-13 16:46:08 -05:00
Sam 0ab96a7691 FEATURE: add hidden setting for verbose auth token logging
This is only needed to debug auth token issues, will result in lots
of logging
2017-02-13 14:01:09 -05:00
Neil Lalonde 94e1105af7 fix unique char counting in password validator 2017-02-10 10:38:17 -05:00
Robert Riemann bcd4513963 use RFC-complient signature separator dash-dash-space
currently, Discourse uses '---' in its notifications to
separate the signature with unsubscribe links etc. from
the body of the message.

The RFC standard defines '-- '.
https://www.ietf.org/rfc/rfc3676.txt (4.3)

The problem has been discussed in:

https://meta.discourse.org/t/previous-replies-separator-is-not-rfc-compliant/39410

And an incomplete fix has been added a year ago:
86819f08c3

The separator is important, because some mail clients strip off the
signature automatically in replies if the signature is recognised as such.
2017-02-10 11:46:02 +01:00
Neil Lalonde 1bcb835446 FEATURE: passwords must have a minimum number of unique characters, configurable with a new setting 2017-02-09 15:00:22 -05:00
Régis Hanol 91d09ebc08 post ids are always an integer 2017-02-08 23:46:11 +01:00
Régis Hanol e9e88a010f FIX: find replied-to post even when incoming email doesn't have a reply key 2017-02-08 21:38:52 +01:00
Robin Ward 5a4c393231 UX: Include the username and link of the user for get_a_room 2017-02-08 15:27:07 -05:00
Neil Lalonde 5a8bbe663a FEATURE: include most popular tag in page title for webcrawlers of tagged uncategorized topics 2017-02-07 16:55:42 -05:00
Sam Saffron df8f365d99 FEATURE: improve search so it searches sub categories by default
If you want an exact category match use `category:=howto` or `#=howto"
2017-02-07 15:53:37 -05:00
Régis Hanol 02bb7beaaf FIX: don't put attachments on the CDN when 'prevent anons from downloading files' is enabled 2017-02-07 18:06:44 +01:00
Sam f34907b523 Merge pull request #4681 from vietqhoang/feature/add-user-title-to-sso-payload
FEATURE: Add user title to SSO payload
2017-02-07 10:25:32 -05:00
Sam ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Régis Hanol ba115480ba FIX: wasn't extracting links to quoted posts 2017-02-06 14:45:04 +01:00
Régis Hanol ceee2a509a remove warning of previously defined constant when running the specs 2017-02-05 19:07:18 +01:00
Robin Ward f1e7bca3c9 FEATURE: Warn a user when they're replying to the same user too much 2017-02-03 17:00:54 -05:00
Arpit Jalan dc2171960b FIX: allow existing users to be invited to topic/message when must_approve_users is enabled 2017-02-03 13:01:23 +05:30
Régis Hanol 82555ca761 FIX: mail threading wasn't working properly in Mac Mail 2017-02-01 23:02:41 +01:00
Sam f932cb51f3 FIX: stop stripping local onebox links from tracker
When a onebox was made to a local topic it was not tracked using link
tracker
2017-02-01 14:21:01 -05:00
Régis Hanol c725225f69 FIX: log message when revoking email with too many bounces 2017-02-01 16:53:24 +01:00
Viet Hoang 40164ccd4a Add user title to SSO payload 2017-01-31 16:42:27 -08:00
Rimian Perkins 25516874b5 FIX: Escape regexp chars in `SiteSetting.censored_words`. 2017-01-31 10:14:51 +08:00
Régis Hanol 8fc7420f83 FIX: prevent huge custom emojis in emails 2017-01-30 18:06:48 +01:00
Arpit Jalan 19f7beaa2c FIX: topic links were getting dropped when post is rebaked 2017-01-30 14:55:53 +05:30
Leo McArdle c76f6856ea FEATURE: reply as new message to the same recipients 2017-01-27 12:24:31 +08:00
Neil Lalonde 0a1d05c3b2 Version bump to v1.8.0.beta4 2017-01-26 17:38:06 -05:00
Neil Lalonde 8923e407fe Version bump to v1.8.0.beta3 2017-01-26 13:34:01 -05:00
Arpit Jalan 061c3dd6c1 typo 2017-01-25 22:46:05 +05:30
Arpit Jalan 89d7ddd803 FEATURE: new rake task to delete a word/string from all the posts 2017-01-25 22:33:39 +05:30
Arpit Jalan bc4f443fde typo 2017-01-25 21:23:25 +05:30
Guo Xiang Tan ba21ef34e5 Fix broken emojis. 2017-01-24 16:17:30 +08:00
Arpit Jalan 80e573e794 FIX: support removing all occurences of a word/string 2017-01-24 12:52:38 +05:30
Arpit Jalan e27ca3019b FEATURE: posts:remap task now supports removing all occurences of a word 2017-01-24 12:00:57 +05:30
Guo Xiang Tan eafd0a7497 Bye bye bygbug. 2017-01-24 14:07:55 +08:00
Guo Xiang Tan ce07da1d8b UX: Only display the words that fails censored words validations. 2017-01-24 13:11:05 +08:00
Robin Ward 9c9e0f5eca FIX: Move the middleware 2017-01-18 18:22:03 -05:00
Robin Ward fffa285dbf Insert middleware in production mode if enabled 2017-01-18 18:05:56 -05:00
Neil Lalonde 61d4c1203e FEATURE: group avatar flair shows on topic participants list, and participant avatars can have custom styles 2017-01-18 11:38:00 -05:00
Arpit Jalan 01c8974c36 typo 2017-01-18 20:10:49 +05:30
Guo Xiang Tan e3b6f9b8ae FIX: Do not update user stats like counts for private messages. 2017-01-16 11:07:53 +08:00
Robin Ward adb73180f7 FEATURE: Let plugins register themes easily 2017-01-13 11:50:52 -05:00
Robin Ward d49473757e Version bump to v1.8.0.beta2 2017-01-13 11:39:52 -05:00
Matt Palmer 04ae3539d0 FEATURE: Better error message when incoming e-mail is missing a Date: header 2017-01-13 11:05:00 +11:00
Régis Hanol 499a83270a FIX: don't onebox to IP addresses 2017-01-12 22:35:33 +01:00
Régis Hanol dfb633fde3 remove 'already initialized constant' warning 2017-01-11 11:03:36 +01:00
Guo Xiang Tan cdd550e947 Use a different Redis key when PG failover sets site to readonly mode. 2017-01-11 16:38:49 +08:00
Neil Lalonde 42c39ab38e Don't display email addresses in staff action logs for revoked email 2017-01-10 17:51:22 -05:00
Neil Lalonde e84fcc7d74 Staff action logs explain when system is deleting a post because author marked it to be deleted 2017-01-10 17:25:36 -05:00
Robin Ward b60bc47a4c Plugins can register providers for global settings 2017-01-09 17:18:58 -05:00
Régis Hanol 185dcb2ca1 handle emails with localized headers 😠 2017-01-09 22:59:30 +01:00
Robin Ward 3b74c0e3b8 FIX: Don't allow formatting in titles when quoting other topics 2017-01-09 14:53:04 -05:00
Robin Ward c2a85440b6 Merge pull request #4640 from krainboltgreene/patch-1
Allow for a custom hub server
2017-01-09 10:40:11 -05:00
Guo Xiang Tan 429b02a5d5 oops fix specs. 2017-01-09 17:08:24 +08:00
Guo Xiang Tan 3d21ccd4a5 FIX: Add validation to disallow censored words in topic title. 2017-01-09 16:55:41 +08:00
Kurtis Rainbolt-Greene 393f49f224 Allow for a custom hub server 2017-01-06 14:54:38 -08:00
Neil Lalonde e0bbe331df Version bump to v1.8.0.beta1 2017-01-06 16:10:39 -05:00
Régis Hanol 98c62bccb5 FIX: mark forwarded email as read by the forwarder
FIX: 'Re:' prefix is mostly used for replies and not forwarded emails
2017-01-06 15:33:55 +01:00
Guo Xiang Tan 1cb09aec49 FIX: Suppress error when acccess is invalid. 2017-01-06 13:18:04 +08:00
Guo Xiang Tan d10fe51b72 Fix broken specs since all urls will be oneboxed. 2017-01-06 10:05:51 +08:00
Guo Xiang Tan a89f60b85b Merge pull request #4631 from tgxworld/prevent_users_from_changing_permissions_of_non_real_users
FIX: Do not allow admins to meddle with admin and moderation access o…
2017-01-04 09:10:27 +08:00
Robin Ward cf7774bdd9 FEATURE: Block muted users from sending you PMs 2017-01-03 14:51:53 -05:00
Jeff Atwood 15a0f3cb14 add vertical align to email blockquote avatar img 2017-01-02 13:49:00 -08:00
Arpit Jalan 495a511862 simplify quote markup in emails 2017-01-02 21:37:01 +05:30
Neil Lalonde 477b237e45 FIX: use 'other' instead of 'many' for Ukrainian pluralization until translations are fixed 2016-12-30 11:49:25 -05:00
Guo Xiang Tan f1beef43a8 Merge pull request #4618 from tgxworld/fix_invalid_emails
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Guo Xiang Tan c7b151683d FIX: Do not allow admins to meddle with admin and moderation access of non real users. 2016-12-29 11:11:33 +08:00
Neil Lalonde dd4937a493 Version bump to v1.7.0.beta11 2016-12-28 18:14:06 -05:00
Sam d28d8a1f85 FIX: order by op_likes leads to broken browsing 2016-12-27 19:08:54 +11:00
Sam 2f6a4cc6de remove UserActionObserver, replace with after_save and service
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Sam 0a78ae739d Remove SearchObserver, aim is to remove all observers
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan 13c6191e89 FIX: Don't allow invalid email to be saved. 2016-12-21 17:47:11 +08:00
Guo Xiang Tan 5d7f3223f0 SECURITY: Users can only bookmark posts which they can see. 2016-12-21 12:01:26 +08:00
Neil Lalonde c75bebdea2 FIX: uncategorized setting to control whether topic featured links are allowed 2016-12-20 15:55:30 -05:00
Régis Hanol b12b2b1911 change onebox preview key for me consistency 2016-12-20 11:18:47 +01:00
Sam ea9f7a41af remove gctools (no longer used) add gctracer for debugging 2016-12-20 15:07:30 +11:00
Régis Hanol 52cd9972bb FIX: prevent DDoS with lots of _oneboxable_ links
FIX: ensure the onebox route is only allowed to logged in users
FIX: only allow 1 outgoing onebox preview per user
FIX: client should only do 1 preview at a time
2016-12-20 00:31:10 +01:00
Sam 2b808ad9da Merge pull request #4609 from joebuhlig/category-topics-wiki
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
Neil Lalonde a65281d5ea FIX: better support for featured link topics in summary emails 2016-12-19 17:05:49 -05:00
Neil Lalonde 3256620d5d FIX: some blank topics and posts in summary email because they're images 2016-12-19 16:21:31 -05:00
Neil Lalonde 923cf73c6e Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox. 2016-12-19 14:54:07 -05:00
Robin Ward e03d5e2140 Reapply Ember 2.10 for good this time!
This reverts commit ddd299f4aa.
2016-12-19 11:19:10 -05:00
Joe Buhlig 87251fded7 FEATURE: Category setting to make all topics wikis
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Régis Hanol c7289f423f fix letter_avatar spec 2016-12-19 10:00:28 +01:00
Sam e0ff57ca75 SECURITY: prevent reuse of password reset 2016-12-19 18:00:22 +11:00
Robin Ward ddd299f4aa Revert "Revert "Revert Ember 2.10+ for a short while""
This reverts commit 76bbc481cb.
2016-12-16 10:29:30 -05:00
Robin Ward 76bbc481cb Revert "Revert Ember 2.10+ for a short while"
This reverts commit 21682fd60b.
2016-12-16 09:52:29 -05:00
Sam 6ff309aa80 SECURITY: don't grant same privileges to user_api and api access
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00
Régis Hanol 197517d55e FIX: locally uploaded audio & video files should onebox even when the extension is uppercase 2016-12-15 23:21:44 +01:00
Robin Ward 21682fd60b Revert Ember 2.10+ for a short while 2016-12-15 16:43:38 -05:00
Neil Lalonde f01f95d62d FEATURE: new settings to customize some colors in emails 2016-12-15 14:43:53 -05:00
Neil Lalonde e6361d1228 Version bump to v1.7.0.beta10 2016-12-14 14:57:51 -05:00
Guo Xiang Tan c80466a801 Merge pull request #4589 from tgxworld/rescue_error
FIX: Don't raise error when admin access is invalid.
2016-12-14 17:43:44 +08:00
Guo Xiang Tan 9a800107cb FIX: Associate category logo and background to uploads record. 2016-12-12 17:37:28 +08:00
Guo Xiang Tan 05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Neil Lalonde 17bc42fe85 FIX: box style category badges in emails, and shrink text and some spacing in summary email 2016-12-09 16:59:54 -05:00
Neil Lalonde fb2633366a FIX: featured link topics shouldn't require the same min post length 2016-12-09 15:46:26 -05:00
Neil Lalonde a4c4f13901 Remove the topic_featured_link_onebox setting. We will always try to onebox a link and add it to the body if topic_featured_link_enabled is enabled. 2016-12-09 13:28:12 -05:00
Sam 846597f563 FIX: staff tags are stripped by non-staff 2016-12-09 17:24:26 +11:00
Sam 02b21a26dd Merge pull request #4585 from ibnesayeed/urdu-support
Add initial Urdu support with RTL direction
2016-12-09 13:01:25 +11:00
Neil Lalonde ee54e37a1f Version bump to v1.7.0.beta9 2016-12-07 17:50:43 -05:00
Régis Hanol f4688f74db FIX: emoticons stop summary from being updated 2016-12-07 23:05:14 +01:00
Sawood Alam 3f765e0227
Added Urdu locale file for moment.js 2016-12-06 13:55:38 -05:00
Erick Guan 52763f5115
FEATURE: Allow posting a link with topics 2016-12-05 17:20:54 +01:00
Régis Hanol 951ef0d949 UX: fix onebox styling in emails 2016-12-05 12:00:04 +01:00
Guo Xiang Tan 4b75ad5110 FIX: Don't raise error when admin access is invalid. 2016-12-05 17:36:45 +08:00
Guo Xiang Tan 22059d4df9 Add Rake task to clean up unused multisite Redis keys. 2016-12-05 11:46:34 +08:00
Guo Xiang Tan ce36f54dcd Add rake task to clean up orphane Redis keys when a multisite has been removed. 2016-12-05 11:39:08 +08:00
Sam 39a524aac8 FEATURE: brotli cdn bypass for assets
Allow CDNS that strip out brotli encoding to use brotli regardless
2016-12-05 13:57:09 +11:00
Sam 33d0a23d84 Merge branch 'fix_whisper' 2016-12-05 10:01:03 +11:00
Guo Xiang Tan 3971f96aa6 Merge pull request #4536 from fantasticfears/webhooks-edit
FIX: missing post and topic edited webhooks
2016-12-02 10:16:19 +01:00
Sam 9b885c039a Merge branch 'master' into fix_whisper 2016-12-02 17:44:05 +11:00
Sam c04d4171ff FIX: whisper no longer experimental
- Regular users are not notified of whispers
- Regular users no longer have "stuck" topics in unread
- Additional tracking for staff highest post number
- Remove a bunch of unused columns in topics table
2016-12-02 17:03:31 +11:00
Régis Hanol eb453d0f82 the note in a FWed email should be a whisper only in PM and when the author is member of the group 2016-12-01 18:43:56 +01:00
Régis Hanol 62763f025c FIX: wasn't able to parse FROM email in the embedded email 2016-12-01 18:34:47 +01:00
Erick Guan 8c8549b27b
FIX: missing post and topic edited webhooks 2016-11-30 20:49:45 +01:00
Neil Lalonde 4f8c6b2d83 FIX: error reporting from SystemMessage.create 2016-11-30 13:16:30 -05:00
Guo Xiang Tan 1e7de826dc FIX: Remove unused code. 2016-11-30 16:39:38 +08:00
Guo Xiang Tan f794c25f60 FIX: Ensure a Thread is always running. 2016-11-30 16:38:21 +08:00
Guo Xiang Tan b8441fba27 Merge pull request #4546 from tgxworld/fix_postgresql_failover
Fix postgresql failover
2016-11-30 09:36:52 +01:00
Guo Xiang Tan 5200446eb7 Increase Qunit tests timeout on Travis. 2016-11-30 16:35:44 +08:00
Sam 0631a84ca0 Merge pull request #4576 from cpradio/min-posts-search
FEATURE: Add min_post_count search filter
2016-11-29 10:19:33 +11:00
Neil Lalonde 1b393a4013 Version bump to v1.7.0.beta8 2016-11-28 16:07:08 -05:00
cpradio 66ca6d622e FEATURE: Add min_post_count search filter 2016-11-28 11:43:12 -05:00
Régis Hanol a03287f2ee FIX: 'In-Reply-To' header should default to topic_message_id 2016-11-28 14:18:02 +01:00
Arpit Jalan 988aca6d92 FIX: bump opengraph user avatar image to 200px 2016-11-26 23:00:18 +05:30
Régis Hanol 74b6fe8739 FIX: respect RFCs when setting 'In-Reply-To' and 'References' email headers 2016-11-25 23:25:39 +01:00
Sam bc6ee85850 FIX: stop caching locale cause it bleeds in multisite 2016-11-25 11:35:29 +11:00
Neil Lalonde 36a80871a3 FIX: category_importer was importing public categories so that no one had permission to them, not even staff 2016-11-24 17:12:30 -05:00
Guo Xiang Tan dd4cab3be2 FIX: Set master to true before forcing slave connections to reconnect. 2016-11-23 14:04:43 +08:00
Guo Xiang Tan 02025207d5 FIX: Make sure Redis fallback don't fall into a permanent readonly state. 2016-11-23 11:31:20 +08:00
Guo Xiang Tan 3909f342f6 FEATURE: Allow options to be set when adding model callbacks. 2016-11-21 10:20:31 +08:00
Arpit Jalan 2d0c99636a do not add rel noreferrer 2016-11-20 18:19:14 +05:30
Arpit Jalan 7cb76f7333 FIX: add rel noopener and noreferrer in addition to nofollow 2016-11-20 17:07:27 +05:30
Régis Hanol a0f1090d79 FIX: custom emojis leaking over multisites 2016-11-17 19:35:39 +01:00
Régis Hanol 2125a630d9 FIX: encoding issues with forwarded emails 2016-11-17 12:44:39 +01:00
Guo Xiang Tan e8a3043129 Spawn a single thread that checks for PostgreSQL fallback. 2016-11-17 13:52:08 +08:00
Régis Hanol a69f45d0da FEATURE: new 'always_show_trimmed_content' site setting 2016-11-16 22:06:07 +01:00
Régis Hanol 17f2be9f88 FEATURE: new 'enable_forwarded_email' site setting 2016-11-16 19:42:11 +01:00
Robin Ward 67e2041691 Prevent topic_retriever from retrieving more than once a minute 2016-11-16 12:04:16 -05:00
Robin Ward 0f9e45f283 Allow the loader to understand when files are moved 2016-11-15 11:41:16 -05:00
Guo Xiang Tan a76d834fd5 Fix invalid command. 2016-11-15 15:24:19 +08:00
Guo Xiang Tan 7e8a975e20 Reduce number of tries when tests time out. 2016-11-15 15:23:53 +08:00
Sam f4c754b389 FEATURE: split JavaScript application bundle, so plugins live in own file
This adds plugin.js and plugin_third_party.js files
2016-11-15 11:43:13 +11:00
Sam 3d76ce1421 FEATURE: SSO support for adding and removing a user to groups
Use: add_groups with a comma delimited list to ensure a user is in groups (using group names)

Use: remove_groups with a comma delimited list to ensure a user is removed from groups (using group names)
2016-11-11 16:57:31 +11:00
Arpit Jalan 96f5079006 improve default_categories_watching_first_post copy 2016-11-10 00:15:14 +05:30
Arpit Jalan 9e69798285 FEATURE: watch first post default site setting 2016-11-10 00:09:52 +05:30
Guo Xiang Tan 7a1400cc4b Remove undefined variable. 2016-11-09 21:06:21 +08:00
Guo Xiang Tan 857986e2c0 FIX: Don't change return value to blank string. 2016-11-09 11:13:56 +08:00
Neil Lalonde 86522a52b7 FEATURE: add censored_pattern setting to censor posts using regex 2016-11-08 16:39:26 -05:00
Régis Hanol 78cd42943f FEATURE: add 'emoji-custom' class to custom emojis 2016-11-08 16:36:09 +01:00
Sam a1a7094604 Merge pull request #4539 from tgxworld/use_a_time_task_for_redis_failover
PERF: Spawn a seperate timer task to check if Redis master is up.
2016-11-08 11:18:54 +11:00
Régis Hanol 9ef724a065 FIX: self-onebox in read protected categories 2016-11-07 18:14:28 +01:00
Guo Xiang Tan fbbcde1230 FIX: Don't treat master as up if it is still loading data. 2016-11-07 15:28:10 +08:00
Guo Xiang Tan 9375dcb6fe PERF: Spawn a seperate timer task to check if Redis master is up. 2016-11-07 15:04:28 +08:00
Sam 2ddabc3928 FIX: protect against future regressions of google omniauth 2016-11-07 12:48:00 +11:00
Kiffin Gish 3aa22715af A new guard for changing post timestamps called can_change_post_timestamps? 2016-11-06 20:14:09 +01:00
Guo Xiang Tan 9fd317306c FIX: Do not show educational message for PMs. 2016-11-04 17:06:53 +08:00
Régis Hanol a655e4b092 ensure we allow self oneboxing of login required sites 2016-11-03 22:48:32 +01:00
Régis Hanol 17169b3037 FIX: issues with 'X-MSYS-API' custom header 2016-11-03 02:26:12 +01:00
Neil Lalonde 61069bf378 Version bump to v1.7.0.beta7 2016-11-02 13:47:48 -04:00
Sam c995fd65be fix oops 2016-11-02 17:00:24 +11:00
Sam 7e43e73df6 FIX: properly reset all contexts after forking
Fixes hang on backup
2016-11-02 13:34:20 +11:00
Neil Lalonde 9ef1688a76 FEATURE: per-category default topic list sort order 2016-11-01 12:18:41 -04:00
Guo Xiang Tan 637c474f4e PERF: Don't build wizard until we actually load the wizard. 2016-11-01 16:38:20 +08:00
Arpit Jalan 382803cb05 FEATURE: include post image in OpenGraph image tag 2016-10-31 15:11:33 +05:30
Régis Hanol f8caae0be7 FIX: don't overwrite custom email headers when using mandrill/sparkpost 2016-10-30 11:38:55 +01:00
Régis Hanol 71f940d478 FIX: use metadata to hold the message_id with sparkpost 2016-10-27 19:35:50 +02:00
Sam 497ff76a67 make sure 1 is a string 2016-10-27 18:08:01 +11:00
Sam 3e7190866a make code a bit safer 2016-10-27 16:50:56 +11:00
Sam 8a477f1857 FEATURE: added X-Discourse-TrackView header
This header is set to 1 if the particular request is a tracked page view
2016-10-27 16:48:27 +11:00
Sam 9848e26190 FIX: force secure cookies on session if force https is enabled 2016-10-27 15:15:58 +11:00
Robin Ward b601120b39 Support for Raw Handlebars and helpers in Ember 1.13 2016-10-26 10:27:57 -04:00
Guo Xiang Tan 49c27d9a88 FEATURE: Add interface in `Plugin::Instance` to register a seedfu fixture. 2016-10-25 14:57:31 +08:00
Régis Hanol 08d53b32ca let's try loading onebox engines this way 2016-10-25 01:25:44 +02:00
Régis Hanol 70b79328ab FIX: overwrite onebox's whitelist 2016-10-25 00:21:02 +02:00
Régis Hanol 923db2e559 FIX: download avatar from facebook/twitter in a job in order to prevent hangs when avatars are huge 2016-10-24 17:15:13 +02:00
Régis Hanol 3841cd9a7f FEATURE: onebox everything by default
FEATURE: new 'max_oneboxes_per_post' site setting
FEATURE: change onebox whitelist to a blacklist
PERF: debounce the loading of oneboxes
PERF: improve perf of mention links in preview
FIX: sort loading of custom oneboxer
2016-10-24 12:46:22 +02:00
Régis Hanol 2a61cc8c88 FIX: email styling with blacklisted iframes 2016-10-21 12:37:03 +02:00
Régis Hanol 35a79a70c3 FIX: uploading custom avatar was always hidden 2016-10-20 19:53:41 +02:00
Neil Lalonde b85056f4cd Version bump to v1.7.0.beta6 2016-10-20 10:49:55 -04:00
Robin Ward c03d25f170 FEATURE: Configure Admin Account
Adds a "Step 0" to the wizard if the site has no admin accounts where
the user is prompted to finish setting up their admin account from the
list of acceptable email addresses.

Once confirmed, the wizard begins.
2016-10-19 11:27:56 -04:00
Sam 674264726d FIX: should not be allowed to see users list of people who started a PM 2016-10-19 17:36:35 +11:00
Guo Xiang Tan 7db33cc512 FIX: Videos and audio files were not associated to the post. 2016-10-18 16:13:39 +08:00
Neil Lalonde 3b9a1410f8 report errors from the populate.thor tool 2016-10-17 14:01:37 -04:00
Régis Hanol 93dfc87b99 FIX: always set the 'content_type' when storing a file on S3 2016-10-17 19:16:29 +02:00
Régis Hanol 0862ad406d FIX: pull twitter's avatar & profile when signing up 2016-10-17 15:43:40 +02:00
Régis Hanol 3949c24f80 FIX: sparkpost webhooks support 2016-10-17 11:26:49 +02:00
Sam b246f1a694 FEATURE: set secure flag on _t cookie if https is forced 2016-10-17 12:11:49 +11:00
Neil Lalonde 2dfc0ddf81 loosen restrictions on chars in tags 2016-10-14 15:29:47 -04:00
Régis Hanol bd1328c189 FIX: show the wizard to developers too 2016-10-14 11:09:55 +02:00
Sam f4f5524190 FEATURE: user API now contains scopes so permission is granular
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Régis Hanol 9dd1f7b5b6 pull avatar, bio & location from Twitter 2016-10-13 10:49:51 +02:00
Neil Lalonde 0328141e05 FIX: prevent creation of tags with invalid characters 2016-10-12 15:44:36 -04:00
Rafael dos Santos Silva 41d2620d06 Add some styling to print redux version 2016-10-12 14:00:05 -03:00
Sam 89daa43754 FEATURE: remap emojis back for push notifications and desktop alerts 2016-10-11 13:03:48 +11:00
Sam 6031e692f0 Merge pull request #4366 from xfalcox/print
Print Support
2016-10-11 11:47:20 +11:00
Sam aaec05e36a FIX: stop asking for bio from facebook, it is deprecated 2016-10-11 10:56:07 +11:00
Sam 0f0b657182 Merge pull request #4447 from pmusaraj/approve_new_topics_setting
FEATURE: add "Approve new topics unless user level" setting
2016-10-11 10:14:28 +11:00
Sam ea1f0683c8 Merge pull request #4477 from cpradio/watching-state-on-reply
FEATURE: Add notification level user preference when replying to a topic
2016-10-11 10:05:37 +11:00
Régis Hanol 8f68a95e56 FIX: trim leading & trailing whitespaces in admin user search 2016-10-10 16:18:57 +02:00
Sam 3e513f5c05 Merge pull request #4459 from vibol/master
FEATURE: sparkpost webhook
2016-10-10 17:17:17 +11:00
Sam Saffron 647ee46edf FIX: don't stem the search term
Search for "canned" not working correctly and "butted", "ands" and many more :)
2016-10-07 12:40:57 +11:00
Arpit Jalan 20c9c60dea FEATURE: support multisite configuration for search:reindex task 2016-10-01 08:54:15 +02:00
cpradio 6f1c31d777 Add notification level user preference when replying to a topic 2016-09-30 14:58:07 -04:00
Sam Saffron 4d8d5613e4 FEATURE: add min_trust_level_to_edit_post
add minimum trust level to edit post (default 0)
2016-10-01 02:12:27 +10:00
Guo Xiang Tan ccd75cf987 FIX: Ensure that the right locale exists before merging. 2016-09-30 15:01:42 +08:00
Vibol Hou c3d60d5d1d Merge remote-tracking branch 'upstream/master' 2016-09-29 02:12:05 -07:00
Guo Xiang Tan 72ccb4e11d FIX: Plugin "admin_js" translations bundle was not fetched. 2016-09-29 04:42:26 +08:00
Rafael dos Santos Silva 5bdaaca848 Make it square! 2016-09-28 12:49:22 -03:00
Rafael dos Santos Silva f5746f490f Uses higher resolution pictures when importing avatars from Facebook 2016-09-28 01:38:41 -03:00
Vibol Hou 34af73c7cb FEATURE: sparkpost webhook 2016-09-26 22:13:34 -07:00
Rafael dos Santos Silva 0229df4c73 Second review fixes 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva 2a5a0bebb3 Adjusts from review 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva 804019647e Makes it possible to paginate on print page 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva 9a46af59ad FIX: TopicView were using Topic.relative_url instead of TopicView.relative_url on all methods. 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva 70c68f0a7c Open print dialog automatically 2016-09-26 20:44:50 -03:00
Rafael dos Santos Silva c12e533273 Feature: Adds a button to print a topic 2016-09-26 20:44:50 -03:00
Sam df751ed6ec Merge pull request #4457 from JaredReisinger/github-auth-with-email-whitelist
Add support for email whitelist/blacklist to GitHub auth
2016-09-23 09:49:14 +10:00
Robin Ward 3c12dd6549 FIX: Consider lazyYT divs as links when extracting 2016-09-22 16:50:24 -04:00
pmusaraj 0344388924 added tests and enabled queue when new setting is > 0 2016-09-22 14:51:36 -04:00
Jared Reisinger 2ae7c47a3c Add support for email whitelist/blacklist to GitHub auth
If a site is configured for GitHub logins, _**and**_ has an email domain
whitelist, it's possible to get in a state where a new user is locked to
a non-whitelist email (their GitHub primary) even though they have an
alternate email that's on the whitelist.  In all cases, the GitHub
primary email is attempted first so that previously existing behavior
will be the default.

- Add whitelist/blacklist support to GithubAuthenticator (via
  EmailValidator)

- Add multiple email support GithubAuthenticator

- Add test specs for GithubAuthenticator

- Add authenticator-agnostic "none of your email addresses are allowed"
  error message.
2016-09-22 11:31:10 -07:00
Neil Lalonde adfa2cb09e Version bump to v1.7.0.beta5 2016-09-22 12:44:10 -04:00
Robin Ward 373004a00e FIX: Incorrect color scheme name in admin after using wizard 2016-09-22 11:16:01 -04:00
Robin Ward 9bba0f3288 FIX: Show "Categories" when you are viewing the categories pills 2016-09-22 09:52:19 -04:00
Robin Ward a95bb6006d Show staff count on invites page, don't warn if you have 3 2016-09-22 09:52:19 -04:00
Robin Ward 14bee641aa Can choose categories or latest as homepage style 2016-09-22 09:52:19 -04:00
Robin Ward 2a0443445b New step to choose emoji set 2016-09-22 09:52:19 -04:00
Robin Ward 2545c2ffa6 Add new welcome message step 2016-09-22 09:52:19 -04:00
Robin Ward 9938f9bd67 Added images to the first and last step of the wizard 2016-09-22 09:52:19 -04:00
Robin Ward b0ee7930e8 Server side support for inviting as a moderator via the wizard 2016-09-22 09:52:19 -04:00
Robin Ward 28cd49f02b Split Logos and Icons into separate steps 2016-09-22 09:52:19 -04:00
Robin Ward 4f9a7aa769 FIX: Prompt for the wizard for the first admin who logs in 2016-09-22 09:52:19 -04:00
Robin Ward 644bcbc253 Make the site contact a drop down of admin users 2016-09-22 09:52:19 -04:00
Robin Ward 74ed2e82ac UX: Wiggle invalid form elements. Don't allow a site title of Discourse 2016-09-22 09:52:19 -04:00
Robin Ward 29cf47cfb2 Track steps the user has completed, nag them to finish it. 2016-09-22 09:52:19 -04:00
Robin Ward ef84981e38 Invite Users step 2016-09-22 09:52:19 -04:00
Robin Ward 35b767f6af Company Name Step which updates the TOS 2016-09-22 09:52:19 -04:00
Robin Ward 28b6c300a0 Clean up wizard updater API for better plugin use 2016-09-22 09:52:19 -04:00
Robin Ward e3640ee5f6 Privacy Step 2016-09-22 09:52:19 -04:00
Robin Ward af83c8dc14 Upload Logos Step 2016-09-22 09:52:19 -04:00
Robin Ward c94e6f1b96 Add locale step 2016-09-22 09:52:19 -04:00
Robin Ward 3f6e3b9aff Wizard - Color Scheme Step 2016-09-22 09:52:19 -04:00
Robin Ward 9f12b571ef Wizard: Server Side Validation + Finished Step 2016-09-22 09:52:19 -04:00
Robin Ward be1d74d207 Split out common functions into `discourse-common` module 2016-09-22 09:52:19 -04:00
Robin Ward 3a4615c205 Wizard: Step 1 2016-09-22 09:48:58 -04:00
Robin Ward 6070939daa Support for other i18n bundles 2016-09-22 09:48:58 -04:00
Régis Hanol 9aecf4e6d1 Merge pull request #4455 from tgxworld/fix_category_logo_url
FIX: Form CDN URL client side instead.
2016-09-22 11:01:16 +02:00
Guo Xiang Tan b5d6d3c326 FIX: Make recover from tombstone script work for multisite. 2016-09-22 12:28:36 +08:00
Guo Xiang Tan d312c82474 Revert "FIX: wasn't able to update category's settings"
This reverts commit 282f9948cb.
2016-09-22 11:29:44 +08:00
Guo Xiang Tan 333d6f9f10 More improvements to restore from tombstone script. 2016-09-22 10:39:39 +08:00
Arpit Jalan 13aff1f2f8 FEATURE: optionally delay the rebake_match task 2016-09-21 21:48:57 +05:30
Guo Xiang Tan 1d4451db5d Improve restore from tombstone script by not having to loop through all posts. 2016-09-21 18:01:59 +08:00
Guo Xiang Tan b62b6ba12c Improve restore from tombstone rake task. 2016-09-21 17:47:27 +08:00
Guo Xiang Tan 3af5b19002 Add rake task to restore missing uploads from tombstone. 2016-09-21 16:56:32 +08:00
Guo Xiang Tan 7139538286 Fix typo. 2016-09-21 16:04:41 +08:00
pmusaraj 5dbb3035d4 add "Approve new topics unless user level" setting 2016-09-19 14:07:15 -04:00
Régis Hanol 53e309fe3e add missing flags emoji 2016-09-19 19:39:46 +02:00
Régis Hanol d46084d328 update & optimize emojis 2016-09-19 13:43:53 +02:00
Régis Hanol 86d1bc7f47 new emoji:update rake task 2016-09-19 13:43:15 +02:00
Sam 8dc4329094 FEATURE: optionally get extra profile info from facebook
This feature requires the application be approved by facebook, so it is
default off
2016-09-19 16:14:11 +10:00
Sam 5b3cd3fac9 FEATURE: Import facebook avatars when logging in via facebook
FIX: warning about popup dimensions when using facebook login

Rules are:

- On account creation we always import
- If you already have an avatar uploaded, nothing is changed
- If you have no avatar uploaded, we upload from facebook on login
- If you have no avatar uploaded, we select facebook unless gravatar already selected

This also fixes SSO issues where on account creation accounts had missing avatar uploads
2016-09-19 15:10:23 +10:00
Robin Ward 960620d91b FIX: Respect the `acting_user` attribute on the PostValidator 2016-09-16 13:15:01 -04:00
Robin Ward 64094954bc FIX: Broken posting 2016-09-16 13:12:05 -04:00
Guo Xiang Tan 0bf7519a8a FIX: `tar --list` against a `.tar.gz` file takes too long.
This resulted in requests being blocked for an extended amount
of time when initializing the restorer.
2016-09-16 17:11:14 +08:00
Guo Xiang Tan 68637f2164 FIX: Uploads being restored into the wrong directory for multisite. 2016-09-16 14:26:06 +08:00
Guo Xiang Tan f63a797e39 SECUIRTY: Escape input made to system calls. 2016-09-16 11:58:14 +08:00
Guo Xiang Tan 8f36290c05 FIX: No need to list all the files. 2016-09-16 11:57:35 +08:00
Neil Lalonde 8087cca54d Version bump to v1.7.0.beta4 2016-09-13 12:23:51 -04:00
Arpit Jalan e46204d195 FIX: allow long words if they contain periods 2016-09-13 09:15:05 +05:30
Robin Ward 2c9a47dda5 FIX: Validate the raw content of posts before enqueuing them 2016-09-12 12:26:49 -04:00
Neil Lalonde b381d84dd9 FIX: tag search should not be case sensitive 2016-09-09 16:55:26 -04:00
Robin Ward e78b7a243e FIX: Don't enqueue posts if the user can't create them (ex: closed) 2016-09-09 12:15:56 -04:00
Robin Ward 9609a47016 Ability to skip email validation via a plugin 2016-09-07 14:05:46 -04:00
Robin Ward 610dd933a3 FEATURE: Support importing email from Twitter 2016-09-06 12:18:13 -04:00
Guo Xiang Tan 1b2b142f30 FIX: Post without a topic can be destroyed. 2016-09-05 19:00:49 +08:00
Guo Xiang Tan aabb7a8592 FIX: DiscourseEvent should not be triggered from within the controller. 2016-09-05 15:58:04 +08:00
Guo Xiang Tan aa9decf6fd Remove `DiscourseEvent.clear`. 2016-09-05 15:17:49 +08:00
Sam 59640bae3b FIX: absolute URL for CDN should always be rooted with a protocol 2016-09-05 15:57:46 +10:00
Guo Xiang Tan e4b75f604c FIX: Make clean up upload script a safer task to run. 2016-09-05 10:06:02 +08:00
Arpit Jalan 76857e3f77 do not create new revision when remapping posts 2016-09-03 23:21:56 +05:30
Sam be0fd5b4cc FEATURE: allow user api key revocation for read only keys 2016-09-02 17:04:00 +10:00
Guo Xiang Tan df8d24734a Regenerate missing optimized images for all dbs by default. 2016-09-02 13:06:31 +08:00
Guo Xiang Tan e4883725e6 Script to analyze uploads on a site. 2016-09-02 12:07:06 +08:00
Guo Xiang Tan 82324db71a Allow `uploads:missing` Rake task to be run for a single site. 2016-09-02 10:22:39 +08:00
Guo Xiang Tan 2349ab5a51 `puts` not `putc`. 2016-08-29 10:30:10 +08:00
Guo Xiang Tan e57ed5223a Fix rake task. 2016-08-26 15:46:42 +08:00
Sam c4bf138d2c FIX: incorrect error being raised 2016-08-26 10:39:13 +10:00
Guo Xiang Tan b1c8ede617 Merge pull request #4420 from tgxworld/prioritize_user_avataras
Prioritize user avatars when regenerating missing optimized images.
2016-08-26 07:58:58 +08:00
Neil Lalonde b3c65620f3 Version bump to v1.7.0.beta3 2016-08-25 12:01:06 -04:00
Guo Xiang Tan 2f39293867 FIX: User enabled readonly mode was not working. 2016-08-25 23:31:59 +08:00
Vinoth Kannan 648c8d27a6 chomp before regex manifest 2016-08-25 17:15:29 +05:30
Guo Xiang Tan 2448db4716 Prioritize user avatars when regenerating missing optimized images. 2016-08-25 18:29:52 +08:00
Guo Xiang Tan 7e80810de1 FIX: Raise an error if metadata is not extracted correctly. 2016-08-25 17:20:32 +08:00
Guo Xiang Tan 5da768b4fe FIX: `find_each` uses `find_in_batches` which uses the primary key as the order. 2016-08-25 16:11:28 +08:00
Neil Lalonde 50a8eb1810 Merge pull request #4405 from gdpelican/fix/intersection-pagination
FIX: Don't join on tags unnecessarily when matching all tags
2016-08-24 14:45:15 -04:00
Neil Lalonde 7a81669c18 SECURITY: don't allow re-using the current password during password reset 2016-08-24 12:27:21 -04:00
Robin Ward 79245a25a3 Explain the `skip_jobs` parameter 2016-08-24 11:06:14 -04:00
Régis Hanol 038eb6f645 FIX: translations with a symbol as key should also be overridable 2016-08-24 11:53:03 +02:00
Guo Xiang Tan 3e4b02bbd4 FIX: Make sure constant reflects the right backup extenstion. 2016-08-24 10:28:23 +08:00
Robin Ward 2cb4cb7b72 FIX: Don't enqueue jobs in a transaction 2016-08-23 16:07:59 -04:00
Robin Ward c3a3aff120 FEATURE: Support for a whitelist for embeddable host paths 2016-08-23 14:56:12 -04:00
Guo Xiang Tan f19232646f Rescue all errors when backfilling shas for uploads. 2016-08-23 15:05:37 +08:00
Guo Xiang Tan 2c1249f381 Remove monkey patch. 2016-08-23 12:04:53 +08:00
Guo Xiang Tan 574b8fdf41 Allow backfilling of shas to complete. 2016-08-23 10:34:32 +08:00
Arpit Jalan a39929d12e FEATURE: add opengraph and twitter meta tags on every page 2016-08-21 22:08:49 +05:30
Arpit Jalan 3bd8b55fce FEATURE: new rake task to change post ownership for a specific user 2016-08-20 20:43:16 +05:30
Robin Ward b4b96bf62b FIX: Support searching your PMs via full page 2016-08-19 15:00:05 -04:00
Arpit Jalan a590f35982 FEATURE: allow changing post owners without creating post revision 2016-08-19 23:34:21 +05:30
James Kiesel 386b8b8498 Don't join on tags unnecessarily when matching all tags 2016-08-19 10:37:32 -05:00
Guo Xiang Tan 5222022842 Use another rake task to regenerate optimized images for multisite. 2016-08-19 15:52:09 +08:00
Guo Xiang Tan 3141c179f7 REFACTOR: Get bucket name from S3Helper. 2016-08-19 14:08:37 +08:00
Sam b09922b58a we have to allow message bus for read clients 2016-08-19 15:22:52 +10:00
Neil Lalonde 7195a103ab FEATURE: digests choose topics you're watching or tracking first 2016-08-18 17:16:52 -04:00
Sam 3ea68f8f6c tweak headers so they can be consumed 2016-08-18 14:38:33 +10:00
Régis Hanol 6d1d7b7c8f UX: new /categories layout 2016-08-17 23:23:16 +02:00
Neil Lalonde d079f69b7b FEATURE: add flair to avatars using new settings in the groups admin UI 2016-08-17 15:13:15 -04:00
Arpit Jalan 6af4e6bd05 FEATURE: new rake task to remap posts matching a string 2016-08-17 14:08:46 +05:30
Guo Xiang Tan 78bec20424 FIX: Check options and not just site settings. 2016-08-17 16:16:00 +08:00
Arpit Jalan dc4799dda2 handle posts:rebake_match task without type argument 2016-08-17 01:01:06 +05:30
Arpit Jalan 054ee4dc55 FEATURE: new rake task to rebake posts using regex matching 2016-08-17 00:01:19 +05:30
Guo Xiang Tan 7ff1f6cb9d Allow custom bucket name for `FileStore::S3Store`. 2016-08-16 15:25:42 +08:00
Sam 416e7e0d1e FEATURE: basic UI to view user api keys 2016-08-16 17:06:52 +10:00
Guo Xiang Tan 11356fb9f4 Allow custom s3 options for `S3Helper`. 2016-08-16 11:13:59 +08:00
Neil Lalonde 3b792054f2 Merge pull request #4387 from gdpelican/feature/tags-intersection
FEATURE: Tags intersection page
2016-08-15 16:24:29 -04:00
Neil Lalonde 5849c345cc FEATURE: digest emails will try to choose topics from your tracked and watched categories first 2016-08-15 16:16:04 -04:00
James Kiesel 037e9bb7b8 Support any number of tag intersections 2016-08-15 15:30:17 -04:00
Guo Xiang Tan 1916924304 Split options into another method so that plugins can use it. 2016-08-15 22:04:24 +08:00
Guo Xiang Tan 205be0d044 Remove unused require. 2016-08-15 21:58:55 +08:00
Guo Xiang Tan 0433163866 FEATURE: Support subfolders in `SiteSetting.s3_backup_bucket`. 2016-08-15 16:14:51 +08:00
Sam fc095acaaa Feature: User API key support (server side implementation)
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
Guo Xiang Tan aa5de3c40a FEATURE: Support subfolders in S3 bucket name.
This commit also fixes a bug where s3 uploads are not
moved to a tombstone folder when removed.
2016-08-15 13:07:41 +08:00
Guo Xiang Tan 3378ee223f FIX: Incorrect path being passed to `S3Store#remove_file`. 2016-08-15 11:35:30 +08:00
Robin Ward ec8622a860 FIX: Count the records added, including duplicates 2016-08-12 17:18:12 -04:00
James Kiesel e14f3c802b Cleanup 2016-08-12 15:56:56 -04:00
Robin Ward aef954784a FIX: `nofollow` was being added during post processing when it shouldn't 2016-08-12 15:35:13 -04:00
James Kiesel 7e73b933c7 First pass 2016-08-12 15:28:46 -04:00
Robin Ward 11939fa8b9 PERF: Avoid some more count queries when fetching more results 2016-08-12 13:05:09 -04:00
Neil Lalonde b8d1079e68 Version bump to v1.7.0.beta2 2016-08-12 11:49:21 -04:00
Guo Xiang Tan 42593562f5 Merge pull request #4384 from tgxworld/raise_error_when_method_not_implemented
FIX: Make sure we raise an error when method is not implemented.
2016-08-12 12:41:42 +08:00
Sam 8a792508e9 PERF: improve offset discovery query 2016-08-12 14:36:38 +10:00
Guo Xiang Tan 1779a9634a FIX: Make sure we raise an error when method is not implemented. 2016-08-12 11:43:57 +08:00
Robin Ward 414388b94f FIX: Allow disabling of sanitization (for email customiaztions) 2016-08-11 14:59:20 -04:00
Robin Ward 431c211ec2 Bump search post id cache to 1 week 2016-08-11 14:06:07 -04:00
Robin Ward 35922bf692 Use `unscoped` instead of `with_deleted` 2016-08-11 13:12:59 -04:00
Robin Ward 7e165d031b FIX: Short terms will be searched for if at least one is long enough 2016-08-11 11:53:14 -04:00
Guo Xiang Tan 6075debc90 Add specs to hidding settings when shadowed by a global. 2016-08-11 16:04:45 +08:00
Guo Xiang Tan 11afb20772 SECURITY: Escape HTML in filename. 2016-08-11 11:27:12 +08:00
Guo Xiang Tan 6288d4c995 FIX: Revised post not updated correctly when merging posts. 2016-08-11 09:01:54 +08:00
Robin Ward 4bb6f88181 FIX: Bump up backfill size to 50 2016-08-10 17:51:29 -04:00
Robin Ward c1cd9e0647 PERF: For estimates, we don't need to worry about deleted 2016-08-10 17:25:34 -04:00
Robin Ward fc311dbe3b FEATURE: An option to search more recent posts for very large sites.
On very large forums searching posts can be slow, so this commit
introduces the ability to try and search only the most recent posts
first, and then going for a larger breadth search if there aren't
enough results.

Enable `search_prefer_recent_posts` and you can customize how many
recent posts to filter with `search_recent_posts_size`
2016-08-10 15:43:42 -04:00
Régis Hanol e55e2aff94 FIX: FirstReplyByEmail badge wasn't granted
DEPRECATED: PostProcess badge trigger
2016-08-10 19:24:01 +02:00
Robin Ward d763ce08c0 FIX: Travis failure 2016-08-10 13:20:39 -04:00
Robin Ward cc366d5a60 FIX: Search in non-english should have a smaller minimum 2016-08-09 15:20:28 -04:00
Robin Ward 28436a604a FIX: Prevent tricking the search from ignoring minimum lengths 2016-08-09 14:49:46 -04:00
Robin Ward c1125c8649 PERF: Use simpler serializer for search, eager load post users 2016-08-09 14:49:46 -04:00
Régis Hanol 282f9948cb FIX: wasn't able to update category's settings 2016-08-09 20:14:49 +02:00
Sam 5cc8bb535b SECURITY: do cookie auth rate limiting earlier 2016-08-09 10:02:18 +10:00
Régis Hanol 51322a46b3 FEATURE: retry processing incoming emails on rate limit 2016-08-08 22:28:27 +02:00
Régis Hanol 5c06076b5c FIX: strip blacklisted attachments before checking for empty email body 2016-08-08 22:20:33 +02:00
Matt Palmer aa56100660 Failover messages really aren't warnings
"I'm going to do something entirely sane and reasonable" doesn't warrant a
warning-level log message.  It's perfectly fine and reasonable to just log
that sort of thing at info level.
2016-08-08 16:02:23 +10:00
Guo Xiang Tan 8539f02b5e FIX: Backuper should return the full path. 2016-08-08 07:49:37 +08:00
Neil Lalonde 823a699d41 Version bump to v1.7.0.beta1 2016-08-05 15:18:19 -04:00
Neil Lalonde f10c4682cd FIX: muted tags showing in latest topic list 2016-08-04 11:54:48 -04:00
Guo Xiang Tan 6827239444 Merge pull request #4360 from tgxworld/support_new_pg_dump_format
Changes to backup and restore
2016-08-04 10:58:42 +08:00
Régis Hanol e92f5e4fbf FEATURE: new email attachment blacklists site settings 2016-08-03 17:55:54 +02:00
Régis Hanol 35c13bca6c Merge pull request #4363 from cpradio/version-link-shows-compare
FEATURE: Installed Version link shows GitHub Compare to branch being followed
2016-08-03 16:03:57 +02:00
Régis Hanol 323bd555c0 FIX: process all incoming email's destinations instead of only the first 2016-08-03 15:57:37 +02:00
Régis Hanol b08ab829b8 added 'X-Auto-Response-Suppress' email header (props to elijah) 2016-08-03 11:02:07 +02:00
Guo Xiang Tan adc8336949 Make sure we track restore/backlog success logs as well. 2016-08-03 16:23:47 +08:00
Guo Xiang Tan b860d1b254 FIX: Ensure uploads directory exists. 2016-08-03 16:23:47 +08:00
Guo Xiang Tan 0a942dbc73 FEATURE: Avoid creating an archive for database only backups. 2016-08-03 16:23:46 +08:00
cpradio 1b89c2f0ef FEATURE: Installed Version link shows GitHub Compare to branch being followed 2016-08-02 06:18:44 -04:00
Guo Xiang Tan 3f4f1ee032 Merge pull request #4359 from tgxworld/backward_compatibility_for_backups_and_restores
FIX: Ensure that our restorer is backwards compatible.
2016-08-02 10:45:27 +08:00
Guo Xiang Tan 441b98579a FIX: Ensure that our restorer is backwards compatible. 2016-08-02 09:19:56 +08:00
Régis Hanol ca4c939e9a incoming mail is considered autogenerated when the subject match a list of 'out of office' keywords 2016-08-02 00:04:59 +02:00
Régis Hanol 7d0dc7cb7a FIX: don't create staged user(s) when receiving a bounce (mailer-deamon begone) 2016-08-01 23:37:59 +02:00
Sam 9018de39ed FEATURE: allow shipping bio markdown via SSO
- Also adds site setting for sso_overrides_bio to disable bio editing by end users
2016-08-01 15:29:28 +10:00
Robin Ward 2891f230d1 SECURITY: Make sure uploaded_urls have corresponding upload records 2016-07-28 13:54:17 -04:00
Robin Ward dc1a830d3d SECURITY: SQL Injection in Admin List Active Users 2016-07-28 11:42:06 -04:00
Guo Xiang Tan 36ddb1787e FEATURE: Add toggle topic visibility button in popup menu. 2016-07-28 16:57:04 +08:00
Sam 16a383ea1e SECURITY: limit bad cookie auth attempts
- Also cleans up the _t cookie if it is invalid
2016-07-28 12:58:49 +10:00
Sam ab68e0c9db FEATURE: allow "developer" account flagging via developers table
This mechanism for flagging developer accounts will eventually replace
DISCOURSE_DEVELOPER_EMAILS
2016-07-28 10:14:06 +10:00
Régis Hanol 11172b7c2d FIX: cropping GIF wasn't working 2016-07-27 18:48:02 +02:00
Andre Pereira 8cbd585e20 FEATURE: Allow staff users to merge posts. 2016-07-27 12:04:14 +08:00
Robin Ward 2a4006fe0c Add `YandexBot` to our list of crawlers 2016-07-26 13:21:37 -04:00
Neil Lalonde ce595189ff Version bump to v1.6.0.beta12 2016-07-26 11:49:51 -04:00
Guo Xiang Tan 76e57ddef3 FIX: Log errors in `ensure` block of restorer. 2016-07-26 10:24:01 +08:00
Guo Xiang Tan 03aa13b2bb FEATURE: Work with compressed version of `pg_dump` during backup and restore. 2016-07-26 10:24:01 +08:00
Sam b5fbff947b FIX: don't expire old sessions when logging in 2016-07-26 11:37:41 +10:00
Régis Hanol b0f7e4ba00 FEATURE: deactive users after too many bounces 2016-07-25 18:57:06 +02:00
Régis Hanol 7648916314 new 'reset_bounce_score_after_days' site setting 2016-07-25 17:29:54 +02:00
Régis Hanol d2e22ab215 extract bounce scores into site settings 2016-07-25 17:27:28 +02:00
Régis Hanol 9971e62254 FIX: migrate_from_s3 rake task 2016-07-25 12:12:10 +02:00
Sam e01802a13b FIX: strip quote from search term when searching within topic 2016-07-25 15:06:25 +10:00
Sam c1f62d8657 Revert "make upgrade a bit more seamless"
This reverts commit 78b88a1633.
2016-07-25 12:49:33 +10:00
Sam 78b88a1633 make upgrade a bit more seamless 2016-07-25 12:30:52 +10:00
Sam df535c6346 FEATURE: refresh session cookie at most once an hour
This feature ensures session cookie lifespan is extended
when user is online.

Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Arpit Jalan a9207dafa7 FEATURE: configure session time via site setting for all the users (#4343) 2016-07-23 02:57:30 +05:30
Robin Ward af266acac1 FIX: Plugin Custom emoji weren't working correctly on the server side 2016-07-22 12:59:43 -04:00
Sam 12dc511fea PERF: make score calculator cheaper when site has long topics 2016-07-22 09:48:44 +10:00
Robin Ward c11f7bee99 FIX: Registering emoji via plugin.rb was broken 2016-07-21 14:15:51 -04:00
Neil Lalonde 7c092b0fe0 FEATURE: add filter to show topics that have not been tagged 2016-07-20 16:21:51 -04:00
Guo Xiang Tan 1adfa0a4b5 FEATURE: Add SiteSetting to disable readonly mode during backup. 2016-07-19 17:44:04 +08:00
Sam 1c964bf730 PERF: cache category topic ids 2016-07-19 12:34:54 +10:00
Robin Ward 7d4aed66c7 Email Cooker can onebox posts too 2016-07-18 15:00:12 -04:00
Robin Ward 12cfc8cedd FIX: Email cooker should support links within blockquotes 2016-07-18 14:38:40 -04:00
Robin Ward 6db50b820d FIX: Email cooker should link links that don't begin a line 2016-07-18 13:46:13 -04:00
Sam Saffron 46b34e3c62 FEATURE: remove user option for edit history public
Users can no longer opt-in for "public" edit history
if site owner disables it.

This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00
Sam Saffron 6777bd2629 warm up v8 after fork 2016-07-16 15:11:34 +10:00
Robin Ward 56a7249498 Minor quoting improvements to email cooker 2016-07-15 15:37:16 -04:00
Régis Hanol caa1aea995 FIX: ensure emojis have absolute URLs and uses CDN 2016-07-15 18:37:51 +02:00
Régis Hanol 6ed03bf3d9 FIX: always update bounce_score even when email was not auto_generated 2016-07-15 18:00:40 +02:00
Régis Hanol 8d2c878b34 FIX: only send 1 rejection email per day to prevent loops 2016-07-15 13:18:55 +02:00
Guo Xiang Tan b981041f6f Make sure we log failures in `ensure` block. 2016-07-15 11:36:47 +08:00
Guo Xiang Tan 4aa3442824 Skip validations when creating a post by system user. 2016-07-15 11:36:29 +08:00
Guo Xiang Tan 5fe4837e28 Add `PostCreator#create!`. 2016-07-15 11:36:06 +08:00
Hu Ming f8a12d4940 Add support for AWS cn (#4327) 2016-07-14 16:56:09 +02:00